Twitter @TweetThreatNews
| Image | Tweet |
|---|---|
 |
Internal monitoring uncovered a suspected transfer of confidential commercial and financial documents across multiple NSW Government departments. NSW Police's Strike Force Civic secured the data with no service impact. #NSWTreasury #StrikeForceCivic
[249] 2026-04-22 16:15:04 | Cyber Attack |  Link ID:99616
|
 |
Mustang Panda deploys an evolved LOTUSLITE v1.1 backdoor targeting India’s banking sector and Korea-U.S. policy circles using DLL sideloading and advanced evasion tactics like runtime API resolution. #India #MustangPanda #Cyberespionage
[238] 2026-04-22 15:45:03 | Threat Research | Link ID:99614
|
 |
Former ransomware negotiator Angelo Martino pleaded guilty to conspiring with BlackCat/ALPHV to extort US companies by leaking confidential negotiation and insurance info. $10M seized, co-conspirators also guilty. #BlackCat #Ransomware #USA
[240] 2026-04-22 15:15:03 | Cybersecurity News | Link ID:99606
|
 |
Namastex.ai npm packages compromised by TeamPCP-style CanisterWorm malware. Attack used install-time worms to harvest secrets, exfiltrate data via HTTPS webhook and Internet Computer canister, and targeted PyPI. #SupplyChain #NamastexLabs #USA
[243] 2026-04-22 14:45:03 | Threat Research | Link ID:99610
|
 |
Ransomware group qilin claims attack on Kolin Turkey’s manufacturing sector. Details like attack method and ransom remain undisclosed. Incident surfaced April 21, 2026. #Kolin #Ransomware #Turkey
[197] 2026-04-22 14:00:04 | Ransom Monitor | Link ID:99608
|
 |
High-profile breaches hit Vercel, ANTS, and Seiko USA Shopify; misconfigured Perforce servers leak data. Ransomware, crypto threats, and regulatory moves from FTC and Italy dominate headlines. #DataBreach #Ransomware #Italy
[223] 2026-04-22 13:45:03 | Cybersecurity News | Link ID:99604
|
 |
Multiple waves of Bomgar RMM exploitation detected since Feb 2026, targeting outdated versions vulnerable to CVE-2026-1731. Incidents led to LockBit ransomware and widespread downstream compromises. #BomgarRMM #LockBitRansomware #USA
[233] 2026-04-22 12:45:02 | Threat Research | Link ID:99602
|
 |
Anthropic’s Claude Mythos AI shattered speed records in cyber offense by autonomously creating 181+ exploits for Firefox JS engine, cutting zero-day exploitation time to hours. #AIExploits #ZeroDayRace #USA
[208] 2026-04-22 11:45:03 | Threat Research | Link ID:99600
|
|
Industrial Carrocera Arbuciense, a Spanish manufacturing firm, fell victim to a ransomware attack linked to the threat actor Qilin. Details on methods or ransom demands remain undisclosed. #Ransomware #Manufacturing #Spain
[222] 2026-04-22 11:15:03 | Ransom Monitor | Link ID:99596
|
 |
Scottish man Tyler Robert Buchanan pleaded guilty to conspiracy in a massive phishing and SIM-swap scheme linked to Scattered Spider, stealing over $8M in crypto. Arrested in Spain, faces up to 22 years. #ScatteredSpider #Cryptocrime #Spain
[240] 2026-04-22 11:00:04 | Cybersecurity News | Link ID:99566
|
 |
Lawmakers consider labeling hospital ransomware attacks as terrorism and pursuing homicide charges for patient deaths, amid a surge from 238 to 460 attacks in 2025. #HospitalAttack #USLaw #Ransomware
[199] 2026-04-22 10:45:03 | Cybersecurity News | Link ID:99568
|
 |
UK regulator Ofcom is investigating Telegram and two teen chat sites over possible child safety violations, including sharing of abusive material and grooming risks under the Online Safety Act. #UK #OnlineSafety #ChildProtection
[228] 2026-04-22 10:30:03 | Cybersecurity News | Link ID:99570
|
|
Thunderbird 150.0 introduces searchable encrypted message bodies for OpenPGP and S/MIME, Unobtrusive Signatures, a PDF viewer with page reorganization, plus accessibility and Exchange fixes. #EmailSecurity #OpenPGP #Linux
[221] 2026-04-22 10:15:04 | Cybersecurity News | Link ID:99572
|
|
VirtualBox 7.2.8 released with support for Linux kernel 7.0, fixes for VMM Guru Meditation error VERR_IEM_IPE_4, FreeBSD 16.0 shutdown crash, Windows 11 BSOD, clipboard, graphics, and UEFI issues. #VirtualBoxUpdate #LinuxKernel #USA
[232] 2026-04-22 10:00:05 | Cybersecurity News | Link ID:99574
|
 |
Angelo John Martino III pleaded guilty to conspiring with BlackCat/ALPHV affiliates while acting as a ransomware negotiator, exploiting insider info to extort $75M from U.S. companies. Assets and crypto seized. #Ransomware #ExtortionScheme #USA
[244] 2026-04-22 09:45:02 | Cybersecurity News | Link ID:99594
|
|
Law firm Rutan & Tucker, LLP, based in Costa Mesa, CA, reportedly targeted by ransomware group SilentRansomGroup on April 21, 2026. Incident details remain unconfirmed. #RansomwareAttack #LawFirmBreach #USA
[206] 2026-04-22 08:45:03 | Ransom Monitor | Link ID:99592
|
 |
BlueHammer exploit abuses a TOCTOU race in Microsoft Defender update handling to escalate privileges via SAM hive access. RedSun and UnDefend showcase further escalation and update disruption methods. Patched on April 14, 2026. #BlueHammer #WindowsSecurity
[256] 2026-04-22 07:45:03 | Threat Research | Link ID:99590
|
 |
Fake Google Antigravity downloads from a typosquat domain deliver a trojanized MSI that disables Defender, steals browser credentials, crypto wallets, and persists via a scheduled task. #AntigravityThreat #DataTheft #USA
[220] 2026-04-22 06:30:03 | Threat Research | Link ID:99584
|
|
K2 Electric, Inc., a US-based commercial electrical contractor, suffered a ransomware attack by the Genesis group, causing system encryption and operational disruption. #RansomwareAttack #EnergySector #UnitedStates
[214] 2026-04-22 06:15:04 | Ransom Monitor | Link ID:99582
|
 |
Threat actor 888 leaked Ledil Immobilier’s database with 6,700 French real estate user records, exposing names, emails, phone numbers, addresses, and transaction details. Data from a Drupal Search API export. #France #DataLeak #RealEstateRisk
[244] 2026-04-22 06:00:05 | Cyber Attack | Link ID:99588
|
 |
French National Agency for Secure Documents (ANTS) confirmed a breach on April 15, 2026, with hacker "breach3d" offering up to 19M records from ants.gouv.fr for sale. Authorities involved include CNIL, ANSSI, and Paris prosecutors. #France #DataLeak
[249] 2026-04-22 05:45:04 | Cybersecurity News | Link ID:99586
|
 |
A malicious PDF with a “CHM оснастка” button downloads sankcionnui-MO-RF.rar from a compromised site. The CapFix group uses CapDoor malware and spoofed Windows-update domains as C2. #CapDoor #Russia #CapFix
[218] 2026-04-22 05:00:04 | Threat Research | Link ID:99578
|
 |
The Gentlemen ransomware-as-a-service has expanded rapidly, infecting 1,570+ corporate networks via SystemBC proxy using tactics like GPO abuse and Defender disabling across Windows, Linux, NAS, and ESXi. #Ransomware #Botnet #Israel
[232] 2026-04-22 04:45:03 | Cybersecurity News | Link ID:99580
|
|
North Korea-linked Jasper Sleet uses generative AI to create fake IT worker identities, exploiting Workday and career site APIs to infiltrate companies and access internal SaaS like Teams and SharePoint. #JasperSleet #NorthKorea #IdentityFraud
[243] 2026-04-22 04:30:04 | Threat Research | Link ID:99576
|
|
Synergy Engineering in the US faces a ransomware claim by threat actor securotrop, impacting 2111 GB of data. Incident status remains awaiting action as of April 2026. #DataBreach #RansomwareAttack #UnitedStates
[211] 2026-04-22 04:15:03 | Ransom Monitor | Link ID:99560
|
|
